1. Field
The present invention relates to a software update verification apparatus, method and program, and, more specifically, to the software update verification apparatus, method and program in which software update on a universal OS (Operating System) is performed upon verification of validity of the update.
2. Description of the Related Art
A universal OS (Operating System) is loaded into commercial computers. The universal OS includes an interface (software update interface) which performs such update processing to update software (ex. program) operating on the OS. This interface is activated in a specific software update mode.
A software update verification apparatus is proposed in Japanese Laid-Open Patent Publication 2006-113754 in which the software update verification apparatus promptly confirms operations of updating to a new OS and confirming the validity of the update in a plurality of nodes.
Being universal, the universal OS has to be capable of being used by all users. Therefore, it is impossible to inhibit calling itself of a software update interface which is part of the universal OS. As a result, any person with malicious intention can call the software update interface and illegally update the software on the universal OS.
Such illegal software update can be prevented in the following way. For example, a password file is made before calling the software update interface. Then the password is referred after the computer is restarted in the software update mode by the software update interface. If the password is invalid, the rest of the software update processing is not performed.
In this method, however, according to an inspection by the inventor of the present invention, it is possible to obtain the password file by using a method, such as for cutting power of the computer at timing before restarting the computer after changing into the software update mode. If the computer is restarted in the software update mode by using the password file obtained illegally, the computer cannot verify if the password is invalid even though the password is referred. Therefore, it is impossible to prevent malicious software update processing from that time on.